Vulnerability Details CVE-2021-42749
In Beaver Themer, attackers can bypass conditional logic controls (for hiding content) when viewing the post archives. Exploitation requires that a Themer layout is applied to the archives, and that the post excerpt field is not set.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 46.8%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
- https://docs.wpbeaverbuilder.com/beaver-builder/developer/conditionally-hidden-content/
- https://tekfused.com/tek/vulnerability-research/beaver-builder-vulnerabilities-visibility-conditional-logic-cve/
- https://docs.wpbeaverbuilder.com/beaver-builder/developer/conditionally-hidden-content/
- https://tekfused.com/tek/vulnerability-research/beaver-builder-vulnerabilities-visibility-conditional-logic-cve/
Products affected by CVE-2021-42749
-
cpe:2.3:a:fastlinemedia:beaver_themer:-